I have an unmanaged interface that I use for Tailscale. This interface is assigned its own firewall zone:
/etc/config/network

config interface 'tailscale'
    option proto 'none'
    option device 'tailscale0'

/etc/config/firewall

config zone
    option name 'tailscale'
    option input 'ACCEPT'
    option output 'ACCEPT'
    option forward 'ACCEPT'
    option masq '1'
    option mtu_fix '1'
    list network 'tailscale'

config forwarding
    option src 'tailscale'
    option dest 'lan'

config forwarding
    option src 'tailscale'
    option dest 'wan'

config forwarding
    option src 'lan'
    option dest 'tailscale'

I want to forward DNS requests from this interface to https-dns-proxy. I have tried simply adding the interface to an existing dnsmasq instance (see below for config), but it doesn't seem to work.
/etc/config/dhcp

config dnsmasq 'main_dns'
    option domainneeded '1'
    option localise_queries '1'
    option rebind_protection '1'
    option rebind_localhost '1'
    option local '/lan/'
    option domain 'lan'
    option expandhosts '1'
    option authoritative '1'
    option readethers '1'
    option leasefile '/tmp/dhcp.leases'
    option localservice '1'
    option noresolv '1'
    option ednspacket_max '1232'
    list notinterface 'loopback'
    list server '/mask.icloud.com/'
    list server '/mask-h2.icloud.com/'
    list server '/use-application-dns.net/'
    list server '127.0.0.1#5053'
    list doh_server '127.0.0.1#5053'
    list interface 'guest'
    list interface 'lan'
    list interface tailscale

Is anybody able to advise what I'm missing here?
Thank you.